Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LetmdDFxakLZngT41-9VpO59kHk.roa
File: LetmdDFxakLZngT41-9VpO59kHk.roa (raw, json)
Hash identifier: IvfK63A53PG82keU6FuBbc5Jf+YIgcjHtLDkLKr9/Qo=
Subject key identifier: 2D:EB:66:74:31:71:6A:42:D9:9E:04:F8:D7:EF:55:A4:EE:7D:90:79
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196944F0DEF061EE878322C80BC63431C7A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LetmdDFxakLZngT41-9VpO59kHk.roa
Signing time: Sat 03 May 2025 04:02:10 +0000
ROA not before: Sat 03 May 2025 04:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 151.242.108.0/24 maxlen: 24
151.242.111.0/24 maxlen: 24
151.242.122.0/24 maxlen: 24
151.242.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:94:4f:0d:ef:06:1e:e8:78:32:2c:80:bc:63:43:1c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 3 04:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2deb667431716a42d99e04f8d7ef55a4ee7d9079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:40:9b:8e:d2:90:82:6c:ff:e2:08:f6:da:
25:e8:86:23:26:f5:57:68:5a:40:3d:dd:fd:7b:00:
6e:2e:df:4e:a6:eb:02:e0:c9:31:1c:73:a7:0d:f4:
37:33:3a:01:cd:af:ba:db:4b:ce:cc:b5:ea:5a:c7:
0c:11:94:e6:b4:7d:1a:36:e3:3c:e7:83:50:c0:0e:
a6:cf:8d:26:e5:ae:f4:ee:3b:eb:e7:3d:22:84:ce:
1a:c9:9c:c1:f8:01:ab:95:b7:a8:91:ae:f2:2e:ee:
4e:85:6a:9d:d5:aa:66:60:56:70:ad:b7:ad:43:13:
6b:46:b4:9c:51:81:24:f7:fd:5a:2d:f8:4b:b8:39:
d8:b0:77:99:da:1a:18:41:24:b9:21:4a:6e:1e:c6:
6c:15:8e:28:8b:de:f2:72:e2:6f:a3:30:bf:0f:34:
7d:db:88:06:50:f3:95:a1:79:71:7d:7f:ab:08:8c:
06:b3:db:78:ad:f1:4a:08:78:a7:af:c5:de:6a:14:
f5:f0:2f:62:b8:a2:23:c3:db:4f:28:5a:73:79:05:
69:16:a7:70:54:31:0f:4f:35:47:36:63:28:63:2f:
18:f5:65:a9:b9:11:06:e1:f7:14:a1:65:a2:e3:cf:
2a:f5:af:05:50:88:69:63:7f:47:e6:69:5f:06:aa:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EB:66:74:31:71:6A:42:D9:9E:04:F8:D7:EF:55:A4:EE:7D:90:79
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LetmdDFxakLZngT41-9VpO59kHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.108.0/24
151.242.111.0/24
151.242.122.0/24
151.242.155.0/24
Signature Algorithm: sha256WithRSAEncryption
70:5b:d7:89:75:cf:83:eb:7c:84:39:0a:5e:5f:22:91:47:41:
27:ab:64:73:39:2a:bb:23:1c:92:fb:89:a1:ba:e8:f7:ad:55:
cc:96:56:70:25:34:4a:29:0a:db:3d:4a:f0:8c:c5:dd:60:53:
99:ab:b7:c1:e1:79:47:14:e9:c4:69:9d:10:9f:9b:49:74:9b:
7f:e3:a1:45:04:aa:c0:6e:6e:c9:cc:f5:da:13:d2:29:e6:81:
a8:a0:d1:13:b6:ff:b1:22:12:0c:a5:a3:68:57:d0:aa:92:bb:
ff:d5:cb:c2:57:c8:81:f1:33:56:fe:fd:a9:02:51:ac:cd:5a:
a2:73:f1:70:f6:af:96:0e:e1:16:b2:b0:6e:b9:0f:28:c8:22:
91:80:5b:40:b8:e4:06:bf:2e:b9:a0:cb:48:2f:4a:22:84:44:
b7:50:fa:d4:63:b2:f6:db:18:1d:a6:e6:5c:ce:17:49:05:53:
ee:f0:98:0f:92:8a:bf:bb:e7:a3:e0:81:1d:1e:d6:9d:0c:bc:
cc:fc:1d:ce:d5:03:7f:b3:77:e5:33:4d:ff:45:6a:24:2d:ac:
48:ef:06:e6:ec:6c:fe:9a:64:e4:1d:87:8d:89:b9:73:32:55:
f0:ce:6b:01:5f:3b:98:f9:0c:96:2c:46:61:98:59:c2:32:b2:
f3:8f:73:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaUTw3vBh7oeDIsgLxjQxx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTAzMDQwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGViNjY3NDMxNzE2YTQyZDk5ZTA0ZjhkN2VmNTVhNGVlN2Q5MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZJAm47SkIJs/+II9tol6IYjJvVX
aFpAPd39ewBuLt9OpusC4MkxHHOnDfQ3MzoBza+620vOzLXqWscMEZTmtH0aNuM8
54NQwA6mz40m5a707jvr5z0ihM4ayZzB+AGrlbeoka7yLu5OhWqd1apmYFZwrbet
QxNrRrScUYEk9/1aLfhLuDnYsHeZ2hoYQSS5IUpuHsZsFY4oi97ycuJvozC/DzR9
24gGUPOVoXlxfX+rCIwGs9t4rfFKCHinr8XeahT18C9iuKIjw9tPKFpzeQVpFqdw
VDEPTzVHNmMoYy8Y9WWpuREG4fcUoWWi488q9a8FUIhpY39H5mlfBqr9EwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC3rZnQxcWpC2Z4E+NfvVaTufZB5MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTGV0bWRERnhha0xabmdUNDEtOVZwTzU5a0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/JsAwQA
l/JvAwQAl/J6AwQAl/KbMA0GCSqGSIb3DQEBCwUAA4IBAQBwW9eJdc+D63yEOQpe
XyKRR0Enq2RzOSq7IxyS+4mhuuj3rVXMllZwJTRKKQrbPUrwjMXdYFOZq7fB4XlH
FOnEaZ0Qn5tJdJt/46FFBKrAbm7JzPXaE9Ip5oGooNETtv+xIhIMpaNoV9Cqkrv/
1cvCV8iB8TNW/v2pAlGszVqic/Fw9q+WDuEWsrBuuQ8oyCKRgFtAuOQGvy65oMtI
L0oihES3UPrUY7L22xgdpuZczhdJBVPu8JgPkoq/u+ej4IEdHtadDLzM/B3O1QN/
s3flM03/RWokLaxI7wbm7Gz+mmTkHYeNiblzMlXwzmsBXzuY+QyWLEZhmFnCMrLz
j3O1
-----END CERTIFICATE-----
Generated at Thu May 15 23:58:32 2025 by rpki-client